Wireless Access

Okay im trying to identify my cellphone string for the dhcp fingerprint but im unable...

I fallow the steps  of  aruba dhpc fingerprint but i cannot get nothing int he logs....

i go to monitoring --> process logs..

And all i see is this:

Sep 28 16:45:58    fpapps[1503]: <208006> <INFO> |fpapps| Changing the vlan 200 state to UP from DOWN
Sep 28 16:45:58    fpapps[1592]: <208045> <DBUG> |fpapps| Received event 3 for Interface 292
Sep 28 16:45:58    fpapps[1592]: <208043> <DBUG> |fpapps| Nim received event L7_UP for interface 292 linkState 3
Sep 28 16:45:58    fpapps[1592]: <208004> <DBUG> |fpapps| Dot1q Change Call back is called 292 event L7_UP (3)
Sep 28 16:45:58    fpapps[1592]: <208044> <DBUG> |fpapps| Nim Interface 292 state change notification, new state L7_FORWARDING
Sep 28 16:45:58    fpapps[1592]: <208045> <DBUG> |fpapps| Received event 6 for Interface 292
Sep 28 16:45:58    fpapps[1592]: <208043> <DBUG> |fpapps| Nim received event L7_FORWARDING for interface 292 linkState 3
Sep 28 16:45:58    fpapps[1592]: <208004> <DBUG> |fpapps| Dot1q Change Call back is called 292 event L7_FORWARDING (6)
Sep 28 16:45:58    pim[1507]: <204229> <DBUG> |pim| Received IP multicast interface VLAN VLAN Up message for VLAN 200
Sep 28 16:45:58    fpapps[1592]: <208045> <DBUG> |fpapps| Received event 6 for Interface 292
Sep 28 16:45:58    fpapps[1592]: <208043> <DBUG> |fpapps| Nim received event L7_FORWARDING for interface 292 linkState 3
Sep 28 16:45:58    fpapps[1592]: <208004> <DBUG> |fpapps| Dot1q Change Call back is called 292 event L7_FORWARDING (6)
Sep 28 16:45:58    pim[1507]: <204229> <DBUG> |pim| Received IP multicast interface VLAN VLAN Up message for VLAN 200
Sep 28 16:45:59    dhcpdwrap[1563]: <202086> <INFO> |dhcpdwrap| netlink_arp_changed(): ker_mac 38:ec:e4:12:ae:34 pkt_mac 38:ec:e4:12:ae:34 cip 172.29.0.5

as you see no fingerprint...

My aruba controller is just doing layer 2... he does not do any layer 3 decision... i got the ip helper on the Switch core...

The vap im connecting its on Tunnel mode so its okay it should work i guess..

it also says on the guide

The controller must be in the data path of DHCP exchange, but it does not have to be the
DHCP server

Which im not sure what it means... but i guess that as the client is on the way between the controller and the dhcp server this should be a valid scenario for dhcp fingerprint or im wrong?

There is a vrd for dhcp fingerprinting.  It will give you all the details.

Hi NightShade,

if you are following those steps correctly and still can not see the association then try first to clear the aaa database using

#aaa user delete all (or you can specify an <ip address> or MAC address) then try re-connect your device again to the wireless network, sometimes the smart-phone will be having an IP address and therefore does not attempt to use DHCP server, also you can do the ((If the rule uses the DHCP-Option condition, best practices is to enable the Enforce DHCP
parameter in the AP group’s AAA profile, which requires users to complete a DHCP exchange to obtain
an IP address. For details on configuring this parameter in an AAA profile.)) :

Thanks for the post guys°

but actually it was something really silly...

i was doing it on GUI on the logging levels i clicked DHCP debugging did done... but then i dont know i guess i forgot putting apply :(